One of the most important tools governing user access to your site's navigation, content, and communities are Security Groups. You can think of Security Groups as high-level categories to which your users belong. They allow you to manage:
- What navigation items and content your users are allowed to view and access across your site.
- Which individual communities your users are allowed to join.
TIP: See Understand Join and View permissions to learn how to set and manage these permissions.
Most content across your site -- including your communities, their associated Discussions and Libraries, and even individual pages and content within those pages -- can be assigned unique Join and/or View permissions to control access to that content.
Security Groups simplify managing these permissions because you can assign permissions to the group (instead of to individual users) and then add users to the group, thereby automatically assigning those permissions to those users -- each user that is added to the Security Group inherits the group's default set of permissions.
Member access overview
Users with Member access are considered members of your site. While IsMember is the default Higher Logic Security Group for Member access, you can, of course, create additional Security Groups that grant users Member access, if your organization has multiple groups of users who need it. The most common of these is the “Staff” Security Group for organization staff, while others include “Associate Member” and “Student Member.”
Users with Member access can:
- Be searched using the Member Directory;
- Send and receive contact requests and inbox messages;
- Create a personal network of contacts by connecting with other users;
- View/join communities with “Members Only” permissions;
- And access "Members Only" content.
Default Higher Logic Security Groups
There are four default Higher Logic Security Groups which are described below:
NOTE: These default Higher Logic Security Groups are in all Communities, including AMS-managed.
- Higher Logic Admin - Users in this Security Group are global administrators with universal access and editing rights, commonly referred to as "Super Admins."
- IsMember - Users in this Security Group have Member permissions, commonly referred to as "IsMember." Specific communities, pages, and content is often only made available to Members as a benefit of membership. Those with Member permissions also have access to content and functionality set to Authenticated. Refer to Member access overview, above, for additional information.
- Authenticated - Any logged in user. An authenticated user may or may not have Member status. Content and functionality is often set to Authenticated to encourage users to become members.
- Public - Any user without a login.
NOTE: Refer to Manage Security Groups section to learn how to assign users to Higher Logic Security Groups and manage them.
AMS-managed vs. Higher Logic Security Groups
If your site is AMS-managed ("integrated"), you might have a mix of Higher Logic Security Groups and AMS-managed Security Groups. AMS-managed Security Groups are managed and assigned to users exclusively in your AMS/CRM, not in Higher Logic.
- AMS-managed Security Groups have an AMS key that corresponds to the primary key for the member type/Security Group in your AMS/CRM database. When that database and your Higher Logic site are synchronized, users will automatically be managed (added / removed) in these Security Groups, in your Community, based on the business rules in your AMS/CRM.
- Higher Logic Security Groups are created and managed in your Higher Logic site. Users are added to and removed from these Security Groups either manually in the Admin interface or via Automation Rules.
Some Security Groups activities in your Community can be written to your AMS/CRM database during the standard activity-sync process.
- Navigate to Settings > External Content > Activity Sync in the Admin interface in order to manage writeback activities on the Subscriptions tab.
To learn about the activity-sync process, see Member Activity Sync.
Permissions via Automation Rules
Higher Logic Automation Rules work as "virtual community assistants" that you can configure to automate tedious and time-consuming actions that have to be performed repeatedly. You can set up Automation Rules to add/remove users to/from Higher Logic-managed Security Groups; so that the assigning and revoking of Member permissions is automated.
TIP: Learn how to create and manage Automation Rules in your Community so that you can add and remove users in Security Groups.
If your Higher Logic site is AMS-managed, it's important to note that you cannot manage Member permissions (IsMember) with Automation Rules.
IMPORTANT: In AMS-managed Communities, IsMember status is granted and removed only via the account's AMS-managed Security Groups.
CMS security settings
The CMS is Higher Logic's central navigation- and content-management editor. With it, you can:
- Manage site navigation
- Create new pages and update existing ones
- Add and remove content to and from pages, and determine content placement
- Hide or remove pages or content
- And perhaps most importantly, control who can access pages and content on those pages by setting a View permission (e.g., Members only).
See CMS Overview to learn more about the Higher Logic CMS.
See Control Who Can Access Pages & Content to learn how to set view permissions for your pages and content.
Security Group Summary report
It's important to understand your various Security Groups and their access rights to your site. One way to view your Security Groups is using the Security Group Summary report. This report indicates whether certain member types are prohibited from coming over from your integrated database to Higher Logic, and provides a list of Security Groups that are considered IsMember. In addition, it shows the number of users belonging to each Security Group (you can click the blue numbers to view them).
- In the Admin Toolbar, click Admin.
- Navigate to Users > Reports.
- Scroll down to the Security Groups Summary section and click View Report.